Debian Security Advisory

DSA-409-1 bind -- denial of service

Date Reported:
05 Jan 2004
Affected Packages:
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 9114.
In Mitre's CVE dictionary: CVE-2003-0914.
CERT's vulnerabilities, advisories and incident notes: VU#734644.
More information:

A vulnerability was discovered in BIND, a domain name server, whereby a malicious name server could return authoritative negative responses with a large TTL (time-to-live) value, thereby rendering a domain name unreachable. A successful attack would require that a vulnerable BIND instance submit a query to a malicious nameserver.

The bind9 package is not affected by this vulnerability.

For the current stable distribution (woody) this problem has been fixed in version 1:8.3.3-2.0woody2.

For the unstable distribution (sid) this problem has been fixed in version 1:8.4.3-1.

We recommend that you update your bind package.

Fixed in:

Debian GNU/Linux 3.0 (woody)

Architecture-independent component:
Intel IA-32:
Intel IA-64:
Motorola 680x0:
Big endian MIPS:
Little endian MIPS:
IBM S/390:
Sun Sparc:

MD5 checksums of the listed files are available in the original advisory.